From: sven.vermeulen@siphos.be (Sven Vermeulen) Date: Sun, 10 Mar 2013 15:52:49 +0100 Subject: [refpolicy] [PATCH 5/6] Denial in mail log on node bind In-Reply-To: <1362927170-31116-1-git-send-email-sven.vermeulen@siphos.be> References: <1362927170-31116-1-git-send-email-sven.vermeulen@siphos.be> Message-ID: <1362927170-31116-6-git-send-email-sven.vermeulen@siphos.be> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com When mails are sent to an IPv6-enabled server, the following denial is otherwise shown in the mail logs: postfix/smtp[7620]: warning: smtp_connect_addr: bind : Permission denied Signed-off-by: Sven Vermeulen --- postfix.te | 2 ++ 1 file changed, 2 insertions(+) diff --git a/postfix.te b/postfix.te index 191a66f..dd59b2a 100644 --- a/postfix.te +++ b/postfix.te @@ -702,6 +702,8 @@ allow postfix_smtp_t { postfix_prng_t postfix_spool_t }:file rw_file_perms; rw_files_pattern(postfix_smtp_t, postfix_spool_maildrop_t, postfix_spool_maildrop_t) +corenet_tcp_bind_generic_node(postfix_smtp_t) + optional_policy(` cyrus_stream_connect(postfix_smtp_t) ') -- 1.8.1.5